15 matches found
SUSE CVE-2026-46119
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...
SUSE-SU-2026:21912-1 Security update for qemu
This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...
EUVD-2026-32878
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...
CVE-2026-47271 pam_usb: OOM guards removed by -DNDEBUG cause NULL dereference and authentication process crash
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc, xrealloc, and xstrdup using assertdata != NULL. The C standard specifies that all assert expressions are compiled out when NDEBUG is defined at...
CVE-2026-42144 CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)
CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...
CVE-2026-42144 CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)
CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...
CVE-2026-42144
This CVE affects the CImg Library: an integer overflow in the WH D size computation inside _load_pnm() can bypass the memory allocation guard, leading to a potentially undersized heap buffer and heap buffer overflow when loading crafted PNM/PGM/PPM images. The issue is mitigated by the patch intr...
SUSE CVE-2026-34988
Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...
CVE-2026-35186
A flaw was found in Wasmtime, a runtime for WebAssembly. The Winch compiler backend incorrectly handles the table.grow operator, leading to an internal type mismatch. This can result in a Denial of Service DoS, where the host process crashes. Additionally, under specific configurations with...
EUVD-2026-21033
Wasmtime has data leakage between pooling allocator instances...
Wasmtime has data leakage between pooling allocator instances
Impact Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the virtual memory permissions for linear memory used the wrong predicate to determin...
GHSA-6WGR-89RJ-399P Wasmtime has data leakage between pooling allocator instances
Impact Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the virtual memory permissions for linear memory used the wrong predicate to determin...
DEBIAN-CVE-2026-34988
Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...
CVE-2026-34988 Wasmtime leaks data between pooling allocator instances
Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...
CVE-2026-34988
Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...